<?php
require 'lib/init.php';
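// Admin login endpoint.
//   GET  (no POST body): discards any previous CAPTCHA, issues a new one via verify(),
//                        and renders the login form.
//   POST: checks the CAPTCHA, then the username/password, then sets the login cookies.
//
// NOTE(review): the expected CAPTCHA answer is read from the `code` cookie, which the
// client controls, so the check below cannot actually stop an automated client. The
// answer (and the image path) should be kept server-side, e.g. in a session; that
// requires changing verify(), which is not visible in this file.

/**
 * Deletes the CAPTCHA image referenced by the `code_path` cookie and expires both
 * CAPTCHA cookies.
 *
 * The cookie value is attacker-controlled, so the path is resolved with realpath()
 * and only a regular file located inside ROOT is removed; `../` sequences or
 * absolute paths that escape ROOT are ignored.
 *
 * NOTE(review): this still permits deleting any file under ROOT. Narrow the allowed
 * prefix to the directory verify() writes CAPTCHA images to; confirm in lib/.
 */
$discardCaptcha = static function () {
    $cookiePath = isset($_COOKIE['code_path']) ? $_COOKIE['code_path'] : null;
    if (is_string($cookiePath) && $cookiePath !== '') {
        $rootDir = realpath(ROOT);
        $target  = realpath(ROOT . $cookiePath);
        if ($rootDir !== false && $target !== false && is_file($target)) {
            $prefix = rtrim($rootDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
            if (strncmp($target, $prefix, strlen($prefix)) === 0) {
                unlink($target);
            }
        }
    }
    // An empty value makes PHP emit an already-expired cookie, i.e. a deletion.
    setcookie('code', '', 0);
    setcookie('code_path', '', 0);
};

/**
 * Sends the "back to login.php in 2 seconds" refresh header, prints $message and stops.
 * The header is emitted before any output so it is not lost to "headers already sent".
 */
$failAndRetry = static function ($message) {
    header('refresh:2;url=login.php');
    echo $message;
    exit();
};

if (empty($_POST)) {
    if (isset($_COOKIE['code_path'])) {
        $discardCaptcha();
    }
    // verify() is defined elsewhere; its result is consumed by the login view.
    $verifyCode = verify();
    require 'view/admin/login.html';
} else {
    $postedCode = isset($_POST['code']) ? $_POST['code'] : null;
    $cookieCode = isset($_COOKIE['code']) ? $_COOKIE['code'] : null;

    // Both values must be present, non-empty strings: with a bare `===`, a request
    // that omits the field and the cookie compares null to null and passes.
    $captchaOk = is_string($postedCode)
        && is_string($cookieCode)
        && $cookieCode !== ''
        && hash_equals($cookieCode, $postedCode);

    // A CAPTCHA is single-use whether or not the answer was right.
    $discardCaptcha();

    if (!$captchaOk) {
        $failAndRetry('验证码错误');
    }

    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Compare against '' rather than empty(): empty('0') is true and would reject "0".
    if (trim($username) === '' || trim($password) === '') {
        $failAndRetry('用户名或密码不能为空');
    }

    // The username is interpolated into SQL below. mGetRow() is defined elsewhere and
    // is not known to support bound parameters, so only an allowlist of characters
    // that cannot terminate the quoted literal is accepted (the /u flag also rejects
    // invalid UTF-8).
    // NOTE(review): replace with a prepared statement once mGetRow() can bind values.
    $row = false;
    if (preg_match('/\A[\p{L}\p{N} _.@\-]+\z/u', $username) === 1) {
        $row = mGetRow("select * from user where username='" . $username . "';");
    }

    // NOTE(review): salted MD5 is not a password hash; migrate stored credentials to
    // password_hash()/password_verify(). Kept here because the stored format is md5.
    $candidateHash = $row ? md5($row['salt'] . $password) : '';

    // hash_equals() is a strict, constant-time string comparison; loose `==` treats
    // "0e..." digests as numbers and can equate different hashes.
    if (!$row || !hash_equals((string) $row['password'], $candidateHash)) {
        // One message for "unknown user" and "wrong password", so the response does
        // not reveal which usernames exist.
        $failAndRetry('用户名或密码错误');
    }

    // The space before `where` is required: without it the timestamp and the keyword
    // fuse into a single token and the statement does not parse as intended.
    mQuery('update user set lastlogin=' . time() . ' where user_id=' . (int) $row['user_id']);

    // NOTE(review): `ccode` carries the stored password hash, so a leaked cookie or
    // database row is enough to authenticate. It is kept because other pages
    // presumably check it (confirm); the replacement is a server-side session with a
    // random identifier. HttpOnly keeps both cookies out of reach of page scripts.
    setcookie('id', (string) $row['user_id'], time() + 3600, '/', '', false, true);
    setcookie('ccode', $candidateHash, 0, '', '', false, true);

    header('location:artlist.php');
    exit();
}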
